package com.controller;

import com.vo.OrderVo;
import org.springframework.security.access.prepost.PreAuthorize;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.RestController;

import java.util.Arrays;
import java.util.List;

@RestController
public class AdminController {

    public AdminController() {
    }

    @GetMapping("/order/list")
    @PreAuthorize("hasAuthority('stuff')")
    public List<OrderVo> orderVoList(){

        return Arrays.asList(
                new OrderVo(1L,"电脑"),
                new OrderVo(2L,"手机")
        );
    }

    @GetMapping("/buy")
    @PreAuthorize("hasRole('user')")
    public OrderVo buy(){

        return  new OrderVo(20L,"买一个游戏机");
    }

}
